Open source Wireshark sniffs new 1.4.3 network traffic

By Sean Kerner | January 12, 2011

From the 'What's That Smell?' files:

If you've ever had to audit/capture network traffic, you've likely used the open source Wireshark (formerly Ethereal) application.

Wireshark is getting updated this week to version 1.4.3, providing some really interesting fixes. I personally use Wireshark to audit network traffic and security, but apparently Wireshark itself had a trio of security flaws in it.

The Wireshark 1.4.3 security advisory details a few conditions which could have led to a buffer overflow or an application termination.

In addition to the security fixes, there is a long list of bug fixes for different issues as well as updated protocol support. One of the enhancements comes to DHCPv6, which is the IPv6 implementation of DHCP.

Auditing IPv4 network addresses is always *fun*, but try it on IPv6 and you'd better have some strong coffee nearby. Luckily, with Wireshark, analyzing IPv6 traffic - or nearly any protocol for that matter - is something that is open source and very accessible.